The firm predicts that AI will catalyze more threat actors to regroup faster and launch even more attacks in 2025
Based on its own incident data for 2024, an “information assurance” firm has released a report stating that the 5,263 ransomware attacks it had encountered was the highest number it ever saw since monitoring such attacks in 2021.
In that number, LockBit remained the top threat actor, accounting for 526 (10%), a decline from its days before it was taken down in February 2024.
The next most common group was RansomHub, which accounted for 501 attacks. In terms of geographical distribution, the data from North America made up 55% of all attacks counted . Overall, most regions had witnessed a rise in attacks compared to 2023 data.
In terms of business type, the data analyzed showed that industrial firms experienced 27% of all attacks analyzed for 2024, a 12% increase from data analyzed by the same firm for 2023.
Other observations in the report include:
- Despite short term law enforcement crackdowns, threat actors had continued to emerge quickly after intervention. LockBit was operating again only five days after its takedown, with warnings that it intended to be back in full force by February 2025.
- International collaborations to recognize and address the threats posed by cyber adversaries had been stepped up during 2024, with notable examples including coordinated law enforcement actions such as operations such as Cronos, Magnus, Destabilise, and Serengeti.
According to Matt Hull, Global Head, Threat Intelligence, NCC Group, the firm releasing its findings: “Looking ahead, these challenges are set to escalate as cybercriminals and nation-state actors increasingly exploit the growing integration of technology into all aspects of life. Key concerns such as third-party compromises, cloud vulnerabilities, and insecure APIs remain critical. We also can’t ignore the rapid advances in AI that are giving rise to new cybercriminal tactics. And the geopolitical dimension of cybersecurity adds to the ever-changing threat landscape, with nation-states posing significant risks to critical infrastructure.”